I noticed that the wifi keys were 802.11 and wondered if they use encryption. I used airdump-ng and saw that they made a hidden net work. I wonder if something could be done so that an app could interface with the device. Also in airdump, I can see packets being sent and received from the vexnet keys.
If they don’t I will get on that really fast.
Imagine driving your robot from your phone
The easiest way to do that now is to use ConVEX or Pros, write a program which allows control of the robot over serial+Programming Kit. Then you can chain the commands like so:
No hacking involved.
According to airdump (part of kali linux) there is no encryption. Good thing new keys are coming out. I will try to post screenshots, but I will redact some of the numbers for some privacy.
I mean, honestly, I doubt cracking VexNET would do anyone any good. The big problem is the pairing part so it would be near impossible to hack into another team’s robot and what good would controlling your own over VexNET really do you? I guess I can think of some situations where it might help but at the end of the day there’s not really much point, and it’s completely illegal in competition.
Furthermore, as I outlined above, we already can control our robots wirelessly with far less work that cracking the VexNET protocol.
I did some work on this almost two years ago.
But this is one area that really is best kept private.
So basically it is possible to kill other robots on the field. Or do some wireless attack on a field.
It would be just as difficult as interfering with a laptop connected to an unsecured wireless network that you cannot connect to for some reason. Not impossible, but difficult, not worth the effort, and illegal (both in VEX rules and in FCC laws.)
but I guess that this is just one one vulnerabilities that could happen since the key is wifi based.
jpearman brings up a good point: if you do decipher the wifi protocol, please don’t publicly share how to do so–people who know enough not to get in trouble won’t need the help, and people who don’t know enough have no business playing with “fire.”
If you want to post a video of you controlling your robot with your computer, sure–that would be awesome to see. Just don’t tell us publicly how you did it.
I feel that teams might have an unfair advantage if they could control their robot from a electronic device in the audience. Better view of the field and no need to connect to the competition switch.
I know Daniel and a few others already said this, but I’d like to doubly reinforce this:
Against a good hacker, almost anything is possible. If you are planning anything - don’t: it’s morally wrong and illegal. Not only is it illegal from a VEX perspective, it is illegal from FCC regulation, and just about every other country’s wireless communication regulation. If you have firm evidence that somebody is doing this, please report it to the proper authorities.
I was under the impression that the VexNET link was secured during the pairing process. Good or bad if it can be compromised the issue should be explored and quietly reported to IFI.
It is not secured in the sense that the communications are encrypted and thus protected from being spied on. It is secured in the sense that the pairing makes it very difficult for another device to “steal” control.
So, the average hacker can tell what buttons you are pushing on your joystick but can’t change those values unless they are very, very good. I’m not saying nobody on the forums can do it, but I don’t think hacking VexNET is anything to worry about. I would be much more concerned about a team pulling a motor wire out or something than taking over control of the robot mid-match.
Studying the VEXNet protocol is interesting, but if you are looking for a good way to get computer control of a VEX robot, why not just hook up a servo driver to a Raspberry Pi?
You’d be able to run a webserver right on the robot and control it over the web, with streaming video from anywhere on the planet for less than $100.
Haven’t done it myself, yet… but I’ve got the streaming video and webserver control parts running, and just need to tie it all together with my robot. Maybe this summer.